Cisco NS-OS: Virtual eXtensible LAN (VXLAN) Overview

VXLAN is a tunneling protocol that encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets.


  • VLAN Scalability  – expands VLAN name space
    • VLANs use 12 bit -4096 values
    • VXLAN uses 24 bit – 16777216 values
  • allows layer 2 multipathing
    • no STP
    • uses layer 3 ECMP over CLOS fabric (like FabricPath)
  • allows for multi-tenancy
    • separate of customer traffic over shared underlay fabric
    • allows for overlapping layer 2 and layer 3 addresses (VLANs and IP are locally significant – could be VLAN 10 in one DC and VLAN20 in another DC, as long as the same subnet and VXLAN)
  • CE – only one port is active
  • vPC – can not scale out, only 2 distribution switches
  • FabricPath – L2 only and there is no active control plane (legacy now, because of VXLAN)
  • VXLAN – optimize the control plane (don’t send broadcast everywhere, not learning every possible MAC addresses)

VXLAN Terminology

  • Underlay Network – provides transport for VXLAN
    • OSPF/EIGRP/IS-IS router fabric
  • Overlay Network – uses the service provided by VXLAN
  • VXLAN – Virtual eXtensivle LAN
  • VNI / VNID – VXLAN Network Identifier (replaces the VLAN ID)
  • VTEP – VXLAN Tunnel End Point
    • box that performs VXLAN encap/decap
    • hardware or software (Nexus 5600, N7K-M3, Nexus 1000v)
  • VXLAN Segment – the resulting L2 overlay network
  • VXLAN Gateway – device that forwars traffic between VXLANs
  • NVE – Network Virtualization Edge
    • logical representation of the VTEP
    • NVE is the tunnel interface

VXLAN Encapsulation

  • VXLAN over UDP over IP

Basic VXLAN Workflow

  • Receive ARP from local host
  • Find the remote VTEP
    • multicast flood and learn
    • ingress replication
  • Unicast encap frame to the VTEP
    • throw away the VLAN
    • replace it with the VNID

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *